Individuals and organizations often seek to improve the security of their computing systems. One method of improving computer security involves adding software and files to a whitelist. Whitelists generally identify sets of trusted files. For example, a computing system may achieve increased security by executing only whitelisted software packages and/or by permitting access only to whitelisted files. Whitelisting may be used in other ways as well. For example, a computer security system may gain certain efficiencies by forgoing security scans on whitelisted files since such files are already known to be trusted.
While whitelisting can be a powerful tool for improving system efficiency and/or preventing malicious files from harming a system, the ever-increasing quantity and/or complexity of software may make the process of creating and/or maintaining whitelists problematic and/or unwieldy. For example, software that might be considered safe and/or expected in one context may be indicative of problems in another context. As a specific example, software testing tools might be considered safe when installed on a developer's computer but considered problematic when installed on other computing systems. In the latter context, such files should be subject to increased scrutiny rather than added to a whitelist that protects those computing systems. The instant disclosure therefore identifies and addresses a need for improved systems and methods for the automated whitelisting of files.